IT Norwich Ltd – Privacy Policy
This policy was last reviewed on 11th January 2022.
We take your privacy seriously. Our ICO registration page is here. We are corporate sponsors of the Open Rights Group, see here. This policy applies to data that we store on our own systems and the data we store on the systems of third parties on your behalf. The policy does not cover the systems owned or controlled by you or your employer. Your employer is responsible for the data stored on their systems so please refer to their privacy policy of you have any questions in that regard.
The type of personal information we collect.
Depending upon the scope and nature of the services we provide to you or your employer, we currently collect and process personal and online identifiers. Such identifiers can include your name, job title, your place of work, IP addresses, MAC address and account identifiers including usernames. We will typically also store and backup data for and on behalf of your employer which may contain additional data of a personal nature. If you do not wish this data to be stored in this way then do not use your employers systems for your personal use.
How we get the personal information and why we have it.
The personal information we process is provided to us directly by you or your employer in order that we can provision and support computer systems and related services for your use. In situations where we are asked to support third party systems, we may also receive personal information indirectly (for example if we are asked to take over support of pre-existing systems and services). We may share personal information with one or more organisations when we provide services to you but will not share data with any third party unless this is the case, other than when required by law or by your employer. The lawful basis we rely on for processing this information are that of a contractual obligation to your employer.
How we store your personal information.
Your personal information is created, stored and transmitted in a variety of paper and electronic formats, including in network shares and databases on our own computer network and in third party systems we use to support and manage the various IT systems at your employer’s disposal. We keep your personal data on our systems until your employer instructs us that you are no longer entitled to access their systems and all related services have been decommissioned. You should allow up to ninety days after we have received this instruction from your employer for your data to be removed from our live systems. After that date some personal data may remain on backups for a further six months.
Your data protection rights.
Under data protection law, you have rights which include the following:
- You have the right to ask us for copies of your personal information.
- You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- You have the right to ask us to erase your personal information in certain circumstances.
- You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- You have the the right to object to the processing of your personal information in certain circumstances.
- You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- If you make a request, we have one month to respond to you.
Please contact us if you wish to make a request.
How to complain.
If you have any concerns about our use of your personal information, please contact us in the first instance. You can also complain to the ICO if you are unhappy with how we have used your data. Contact them at: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. The ICO Helpline number is 0303 123 1113 and ICO website: https://www.ico.org.uk